Mind blowing 🤯 $20 million USD bounties! (Zero to Hero Money Hacking Roadmap)

Stephen Sims shares his years of experience with us and shows us how we can make money hacking. But be careful – some of the options are not recommended.

// Stephen’s Social //
YouTube: https://www.youtube.com/@OffByOneSecu…
Twitter: steph3nsims

// Stephen Recommends //
Programming Tools:
Online Compiler, Visual Debugger, and AI Tutor for Python, Java, C, C++, and JavaScript:

PyCharm – Python IDE with Great IDA Pro Support: https://www.jetbrains.com/pycharm/

VS Code: https://code.visualstudio.com/

Patch Diffing:
Windows Binary Index for Patch Diffing: https://winbindex.m417z.com/

BinDiff Tool for IDA Pro, Ghidra, or Binary Ninja https://www.zynamics.com/bindiff.html

Diaphora Diffing Tool for IDA Pro http://diaphora.re/

PatchExtract for Extracting MS Patches from MSU Format https://gist.github.com/wumb0/306f97d…

Vulnerable Things to Hack
HackSys Extreme Vulnerable Driver: https://github.com/hacksysteam/HackSy…

WebGoat – Deliberately Insecure Application: https://owasp.org/www-project-webgoat/

Damn Vulnerable Web App: https://github.com/digininja/DVWA

Buggy Web App: http://itsecgames.com/

Gruyere Cheesy Web App: https://google-gruyere.appspot.com/

Metasploitable: https://sourceforge.net/projects/meta…

Damn Vulnerable iOS App: https://resources.infosecinstitute.co…

OWASP Multillidae: https://github.com/webpwnized/mutillidae

Online CTF’s and Games:
SANS Holiday Hack 2023 and Prior: https://www.sans.org/mlp/holiday-hack… https://www.holidayhackchallenge.com/…

CTF Time – A great list of upcoming and previous CTF’s!: https://ctftime.org/

YouTube Channels:


Free Learning Resources:
SANS Free Resources – Webcasts, Whitepapers, Posters & Cheat Sheets, Tools, Internet Storm Center: https://www.sans.org/security-resources/

Shellphish – Heap Exploitation: https://github.com/shellphish/how2heap

Exploit Database – Downloadable Vulnerable Apps and Corresponding Exploits: https://www.exploit-db.com/

Google Hacking Database (GHDB): https://www.exploit-db.com/google-hac…

Google Cybersecurity Certificate: https://grow.google/certificates/cybe…

Phrack Magazine: http://www.phrack.org/

Kali Linux: https://www.kali.org/get-kali/#kali-p…

Slingshot Linux: https://www.sans.org/tools/slingshot/

Books & Articles:
Gray Hat Hacking Series: https://amzn.to/3B1FeIK
Hacking: The Art of Exploitation: https://amzn.to/3Us9Uts

A Guide to Kernel Exploitation: https://amzn.to/3vfY8vu

Smashing the Stack for Fun and Profit – Old, but a classic: https://inst.eecs.berkeley.edu/~cs161…

Understanding Windows Shellcode – Old, but still good: https://www.hick.org/code/skape/paper…

Great list of exploitation paper links from Shellphish!: https://github.com/shellphish/how2hea…

// Stephen’s previous videos with David //
Free Exploit development training (beginner and advanced) How to make Millions $$$ hacking zero…

Buffer Overflow Hacking Tutorial (Bypass Passwords): Buffer Overflow Hacking Tutorial (Byp…

// David’s Social //

Connect with me:
Discord: http://discord.davidbombal.com
X: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube Main Channel https://www.youtube.com/davidbombal
YouTube Tech Channel: https://www.youtube.com/channel/UCZTIRrENWr_rjVoA7BcUE_A
YouTube Clips Channel: https://www.youtube.com/channel/UCbY5wGxQgIiAeMdNkW5wM6Q
YouTube Shorts Channel: https://www.youtube.com/channel/UCEyCubIF0e8MYi1jkgVepKg
Apple Podcast: https://davidbombal.wiki/applepodcast
Spotify Podcast: https://open.spotify.com/show/3f6k6gERfuriI96efWWLQQ

Support me:
Or, buy my CCNA course and support me:
DavidBombal.com: CCNA ($10): http://bit.ly/yt999ccna
Udemy CCNA Course: https://bit.ly/ccnafor10dollars
GNS3 CCNA Course: CCNA ($10): https://bit.ly/gns3ccna10

// MY STUFF //

Interested in sponsoring my videos: sponsors@davidbombal.com

// MENU //
00:00 – Coming Up
00:00 – Intro
01:11 – Stephen’s Experience
03:10 – How to Change Careers
05:39 – How do I Become an Expert?
08:01 – Cyber Crime
12:47 – Ransomware
16:42 – Ransomware with A.I
23:15 – Bug Bounties & Disclosures
28:22 – Web Bug Bounties
33:45 – Binary Exploitation
41:18 – Patching and n-Day Exploits
48:56 – What is the Patch Level in the Target Org?
51:47 – Diffing Example
55:40 – Professional Services
01:03:34 – Exploit Sales Considerations
01:13:07 – The Golden Era of Hacking
01:15:00 – Zero to Hero
01:27:01 – OffByOneSecurity
01:37:42 – Conclusions
01:39:43 – Outro

exploit development
zero day
dark web
kali linux

Disclaimer: This video is for educational purposes only.

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

#android #ios #hacker

  • David Bombal